Week in review: Backdoored NIST standard revealed, Java’s new whitelisting feature, and the new issue of (IN)SECURE Magazine

Here’s an overview of some of last week’s most interesting news and articles:

How important is penetration testing?
With cyber attacks becoming the norm, it is more important than ever before to undertake regular vulnerability scans and penetration testing to identify vulnerabilities and ensure on a regular basis that the cyber controls are working.

With crypto being insecure, whom do you trust?
Last week’s revelation that the NSA has for years concentrated on subverting the encryption that protects commerce and banking transactions, sensitive data, e-mails, phone calls, web searches and so on would not have come as such a shock were it not for the array of questionable methods it used.

New gTLD security implications
The new gTLDs that are being implemented have a few security concerns already. One of the major concerns is Name Collision, which results from a single domain name being used in different places.

Is BEAST still a threat?
Yesterday Ivan Ristic changed the SSL Labs rating criteria to stop penalizing sites that do not implement server-side mitigations for the BEAST attack. That means that they now consider this attack sufficiently mitigated client-side, but there are still some things you should know.

Timing is an influential risk-factor for cyber attacks
There are several dates throughout the year that are notorious for wreaking havoc on businesses via DDoS attacks, data breaches and even malware or botnet assaults.

Security heavyweights to keynote HITB conference in Malaysia
This October, the Chief Security Officers of Akamai and Facebook will both be in Kuala Lumpur to deliver the Day 1 and Day 2 keynote talks at HITBSecConf 2013 (October 16th and 17th).

EU politicians want to suspend banking data-sharing program
Following the claims that the NSA has spied on the Belgian-based Society for Worldwide Interbank Financial Telecommunication (SWIFT) – the organization that provides the eponymous network that enables financial institutions around the world to send and receive information about financial transactions – European politicians are demanding the immediate suspension of the Terrorist Finance Tracking Program, which allows the US Treasury to access the SWIFT transaction database.

Why the iPhone fingerprint reader is a good idea
Two new iPhones have been announced. According to Apple’s presentation, the most common way to secure a device is with a passcode and about half of smartphone users do not use a passcode. That is a lot of unsecured information. The new iPhone 5S will now have a fingerprint reader built in to the Home Button at the bottom.

Android scareware delivered via spoofed email notices
The attack starts with spoofed emails made to look like a wedding invitation or a “failed delivery” USPS notification.

Multiplayer games and DoS attacks
Prolexic detailed the rampant problem of denial of service attacks within and from online gaming communities.

(IN)SECURE Magazine issue 39 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.

Bogus iPhone 5C giveaway hits Facebook users
A message showing a picture of multicolored iPhones 5C and saying that 75 lucky users will be randomly chosen to receive one for free if they “share” and “like” this photo has been so far shared by many users who were tricked into believing the offer was legitimate.

Backdoored NIST standard revealed, will be reopened for review
Adopted by the organization in 2006, the NIST Special Publication 800-90 was apparently authored almost exclusively by NSA cryptographic experts, and includes four Deterministic Random Bit Generators, among which is one called Dual_EC_DRBG. It is meant to create random numbers that seed encryption keys but, as it turns out, the numbers it produces have a small bias, and its fixed elliptic-curve constants could hide a backdoor that lets whoever chose them predict its output.

JollyBot SMS Trojan offered for use to low-level crooks via affiliate network
The current cybercrime market is all about Cybercrime-as-a-Service: knowledgeable individuals focus on their core competencies and offer services to those who lack the skills, patience or time to build what they want or need for their criminal exploits. Ideally, they also want most of the risk to fall on their customers’ backs.

2M Vodafone users’ personal and banking info compromised
The names, addresses, birth dates, and bank account information of some 2 million German Vodafone users have been compromised in a breach of a server located “deep in the company’s IT infrastructure”, the company has announced.

Attacks targeting unsupported Java 6 are on the rise
Oracle ended support for Java 6 in February 2013, which means no more security fixes. “While a vendor ending support and no longer providing security fixes isn’t a new thing, the fact that more than 50% of users out there are still running Java 6 makes this an unprecedented situation,” points out Trend Micro Threat Communications Manager Christopher Budd.

NSA says illegal data collection was caused by too complex tech
NSA’s repeated claims about having its surveillance apparatus under control have taken another hit after the agency was legally forced to publish a huge batch of previously classified documents.
Among other things, one of the documents showed that the NSA “had improperly queried the bulk telephony metadata by using an automated ‘alert list’ process that resulted in the use of selectors that had not been individually reviewed and determined to meet the required reasonable articulable suspicion standard.”

Free eBook: Intrusion Detection Systems with Snort
This eBook explains and simplifies every aspect of deploying and managing Snort in your network.

Java finally gets a whitelisting feature
“The Deployment Rule Set feature is for enterprises that manage their Java desktop environment directly, and provides a way for enterprises to continue using legacy business applications in an environment of ever-tightening Java applet and Java Web Start application security policies,” it is explained in the documentation for the feature.
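As an added illustration (not taken from the article or from Oracle’s documentation), below is a minimal Deployment Rule Set that shows how the whitelisting works in practice: rules are evaluated top to bottom and the first matching rule wins, so a specific “run” rule for the trusted intranet host comes first and a catch-all rule with an empty `<id />` blocks everything else. The host name `intranet.example.com` and the message text are assumptions for the example.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- ruleset.xml: packaged as DeploymentRuleSet.jar, signed with a certificate
     the Java runtime trusts, and placed in the system-wide deployment
     directory (e.g. C:\Windows\Sun\Java\Deployment on Windows).
     Example only; the intranet host below is a placeholder. -->
<ruleset version="1.0+">

  <!-- Allow the legacy business application served from the intranet.
       "location" is matched as a URL prefix, so only applets and Web Start
       apps under this origin are covered. -->
  <rule>
    <id location="https://intranet.example.com" />
    <action permission="run" />
  </rule>

  <!-- Catch-all: an <id /> with no attributes matches every RIA.
       Because rules are processed in order, this only applies to content
       that did not match a rule above. The message is shown to the user. -->
  <rule>
    <id />
    <action permission="block">
      <message>This Java application is not on the corporate whitelist. Contact the service desk if it is needed for your work.</message>
    </action>
  </rule>

</ruleset>
```

The point of this layout is that the whitelist is default-deny: anything not explicitly listed is blocked, which is what lets the security-level slider stay at its tightest setting while the one legacy application keeps working.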

US Internet users less vigilant than ever about their online safety
Looking year over year, this year’s Microsoft Computing Safety Index (MCSI) US score indicates a decline in consumer behaviors when it comes to taking proactive steps that help protect themselves online.

Aggressive ransomware scam redirects to child porn
Being accused of viewing or owning child pornography is a huge deal in most Western countries, so it’s no wonder that ransomware peddlers are using that specific – and in this case true – accusation to force victims to part with their hard-earned cash.
